Claude Code MCP Setup Complete Guide — PostgreSQL, File System, and GitHub Integration

If you are a backend developer, you have likely imagined at least once, "What if an AI coding tool could query my database directly?" The Model Context Protocol (MCP), released by Anthropic in November 2024, is an open standard that makes that imagination a reality. With OpenAI announcing official support in March 2025 and major SaaS providers such as Cloudflare, Stripe, Supabase, and Linear beginning to offer their own MCP servers, it is establishing itself as the de facto standard for AI agent integration.

This article is intended for backend developers who have hands-on experience with terminal commands and JSON configuration files. It covers everything from the working principles of MCP to the actual configuration methods for connecting PostgreSQL, the file system, and GitHub in Claude Code, as well as essential security considerations for real-world practice. After reading this article, you will be able to add an MCP server to Claude Code, query databases using natural language, and configure workflows that allow your entire team to share the same MCP environment.

Key Concepts

What is MCP — Client-Server Connection Standard

Just as USB-C connects smartphones, laptops, and monitors using a single standard, MCP acts as a common connector between AI applications and external systems. However, there is a difference from USB-C. While USB-C connects two devices on an equal footing, MCP features an asymmetric structure where the Host (AI app) calls the Server (external tool). Previously, separate integration code had to be written for each tool, but with MCP, hundreds of tools can be connected to AI using a single standard interface.

MCP (Model Context Protocol): A protocol released as an open standard by Anthropic in November 2024. It is designed to enable AI language models to communicate with external data sources, tools, and services in a standardized manner. It operates based on JSON-RPC 2.0.

Client-Server Architecture

MCP consists of three layers.

Select the transmission method based on the usage environment.

• stdio (Standard I/O): Communication between local processes. MCP itself is an asynchronous request-response model based on JSON-RPC, and stdio is the pipe that transmits those messages. It is suitable for integrating with local databases and file systems without exposing the external network.
• Streamable HTTP: Communication with a remote server. It supports real-time streaming and authenticates using OAuth 2.1 (Authorization Code + PKCE flow). It replaced the existing SSE method in the 2025 specification.

The Three Core Primitives of MCP

The functions that an MCP server can provide to AI are defined as three types.

Resources includes not only simple querying but also a subscribe function. It is structured to notify the AI in real time when files or DB records change.

Tool Search (Lazy Loading): Claude Code loads only the tool name at the start of a session and fetches the actual schema only when needed. This is why context window waste is minimized even when multiple MCP servers are added.

Practical Application

Quick Start: Managing MCP Servers with CLI

Claude Code adds and manages MCP servers using CLI commands.

# HTTP 전송으로 GitHub MCP 추가
claude mcp add --transport http github https://mcp.github.com/mcp
 
# stdio 전송으로 PostgreSQL MCP 추가
claude mcp add postgres-server -- npx @modelcontextprotocol/server-postgres postgresql://localhost/mydb
 
# 등록된 MCP 서버 목록 확인
claude mcp list
 
# MCP 서버 제거
claude mcp remove github

When sharing settings by team, use the .mcp.json file in the project root. Make sure to inject credentials as environment variables (${DATABASE_URL}). If you hardcode it in the config file, the password will be permanently recorded in the repository at once.

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": ["@modelcontextprotocol/server-filesystem", "/Users/you/projects"],
      "transport": "stdio"
    },
    "postgres": {
      "command": "npx",
      "args": ["@modelcontextprotocol/server-postgres"],
      "env": {
        "DATABASE_URL": "${DATABASE_URL}"
      },
      "transport": "stdio"
    },
    "github": {
      "transport": "http",
      "url": "https://mcp.github.com/mcp"
    }
  }
}

Example 1: Connecting to a PostgreSQL Database

This is a scenario where a read-only database is connected to allow Claude Code to execute queries in natural language during data analysis.

Server Selection Criteria: For a single PostgreSQL instance, @modelcontextprotocol/server-postgres is stable due to official support. If you need to manage PostgreSQL, MySQL, and SQLite together in a single configuration file, @bytebase/dbhub is suitable as it supports multiple databases.

# 단일 PostgreSQL — 공식 서버
claude mcp add --transport stdio postgres-server -- \
  npx -y @modelcontextprotocol/server-postgres@latest \
  "postgresql://readonly_user:pw@db.example.com:5432/analytics"
 
# 다중 DB 지원이 필요할 때 — bytebase/dbhub
claude mcp add --transport stdio db -- \
  npx -y @bytebase/dbhub \
  --dsn "postgresql://readonly_user:pw@db.example.com:5432/analytics"

Once the connection is complete, you can make a request like this.

"지난 30일 신규 가입자 수를 일별로 보여줘"

The MCP server automatically identifies the table structure through schema inspection, constructs and executes appropriate SQL, and returns the results.

Example 2: Filesystem Access Control

This is a method to configure Claude Code to read and modify project files directly, but restrict access to only the specified path.

{
  "mcpServers": {
    "filesystem": {
      "command": "npx",
      "args": [
        "@modelcontextprotocol/server-filesystem",
        "/Users/dev/projects/myapp",
        "/Users/dev/documents"
      ],
      "transport": "stdio"
    }
  }
}

Access is allowed only to the paths listed in the args array. Allowing the entire home directory (~) or the root (/) may expose sensitive files such as SSH keys and .env files, so it is recommended to specify only the necessary project paths.

Example 3: GitHub Workflow Automation

claude mcp add --transport http github https://mcp.github.com/mcp

After connecting, these natural language commands become possible within Claude Code.

"이 버그 관련 이슈를 열고, 현재 브랜치로 PR을 만들어줘.
 PR 설명에는 변경된 파일 목록과 테스트 방법을 포함해줘."

You can create and review PRs, track issues, search code, and manage branches in the terminal without separate tabs.

Example 4: Multi-MCP Complex Workflow

By utilizing multiple MCP servers simultaneously, complex tasks can be processed as a single request.

사용자 요청 → Claude Code
  ├── GitHub MCP     : PR 내용 및 변경 파일 조회
  ├── PostgreSQL MCP : 관련 데이터 쿼리 (영향 범위 분석)
  └── Filesystem MCP : 로컬 설정 파일 및 환경 변수 확인
→ 종합 분석 결과 반환

Multi-Agent Orchestration: Beyond the integration of a single tool, MCP is being utilized as a communication layer for workflows where multiple AI agents collaborate. A typical pattern involves simultaneously performing code analysis, database queries, and file reviews with a single request.

Pros and Cons Analysis

Advantages

Disadvantages and Precautions

SCA (Software Composition Analysis): A tool that automatically detects known vulnerabilities and licensing issues in open source packages. Representative examples include Snyk and OWASP Dependency-Check.

Prompt Injection: This is an attack where text injected from an external source is interpreted as instructions for the AI, causing unintended behavior. There have been proven cases of AI being manipulated through support ticket content or web documents.

Security Checklist

Before introducing an MCP server into a production environment, it is recommended to check the following items.

✅ 자격증명은 환경변수로 관리 (config에 하드코딩 금지)
✅ 파일시스템 서버는 필요한 디렉터리만 허용 경로로 지정
✅ DB 서버는 읽기 전용 계정 사용 (SELECT 권한만 부여)
✅ 서드파티 패키지는 버전 고정 (npx package@1.2.3 형태)
✅ 원격 MCP 서버는 OAuth 2.1 + PKCE 인증 방식 확인
✅ 컨테이너 또는 샌드박스 환경에서 실행 (고보안 환경)
✅ OpenTelemetry 등으로 MCP 상호작용 로깅 구성
✅ 사용 중인 MCP 서버 인벤토리 목록 중앙 관리

In particular, the following three mistakes occur most frequently in practice.

1. Entering credentials directly into .mcp.json — git commit The password is permanently recorded in the repository at once. It is highly recommended to use an environment variable reference in the form of ${ENV_VAR}.
2. Allowing the entire home directory on the filesystem server — If configured broadly like "/Users/dev", sensitive files such as SSH keys and .env files will all be exposed. It is recommended to specify only the necessary project paths.
3. Adding third-party MCP packages without verification — Malicious packages with similar names (typosquatting) may exist. It is safe to use only packages verified in the official repository (modelcontextprotocol/servers) and fix the version (npx package@1.2.3).

In Conclusion

MCP is a connection layer that enables AI agents to communicate with databases, files, and external APIs in a standardized manner, and Claude Code is the fastest starting point to experience it. We recommend starting with the three steps below.

1. Warm-up with Filesystem MCP — After connecting the filesystem server, if you type "Summarize this project's README" into Claude Code, you can immediately experience how MCP works. It is also a good habit to specify the version using npx @modelcontextprotocol/server-filesystem@latest.
2. Connect to DB as Read-Only — If you create an account with only SELECT privileges on your local PostgreSQL or development DB and connect as @modelcontextprotocol/server-postgres, you can experience natural language queries being converted into SQL.
3. Sharing Team Settings with .mcp.json — If you create .mcp.json in the project root and commit it to Git, all team members will be able to use the same MCP environment immediately. Please also remember to separate the credentials into .env and include them in .gitignore.

Next Post: How to Customize an Existing MCP Server — An Introductory Guide to Implementing a Custom MCP Server that Connects Internal APIs to Claude Code Using the TypeScript SDK

Reference Materials

• Connect Claude Code to tools via MCP — Official Claude Code Documentation (Recommended as a starting point for setup)
• Model Context Protocol Official Specification (2025-11-25) (Primitive·Transport Full Specification)
• modelcontextprotocol/servers — Official Reference Server Collection (Check List of Available Servers)
• What is Model Context Protocol (MCP)? — Google Cloud Guide (Recommended for beginners)
• What is Model Context Protocol (MCP)? — IBM Think (Recommended for beginners)
• MCP Security: Risks and Best Practices — Nudge Security (보안 심화)
• Securing the AI Agent Revolution: A Practical Guide to MCP Security — CoSAI (보안 심화)
• Model Context Protocol Security — Red Hat (Advanced Security)
• Build an MCP Server for PostgreSQL — DEV Community (PostgreSQL 연동 실습)
• A Complete Guide to MCP: Architecture, Integration, and Best Practices — BridgeApp (Overall Architecture Overview)
• The Model Context Protocol's Impact on 2025 — Thoughtworks (Industry Trends)
• Model Context Protocol — Wikipedia (History·Background)